While I started my project to setup an own (Home) Kubernetes cluster with a mixed-architecture (AMD64+ARM64), I realized that there are a lot of public helm charts around that do not satisfy my 2 basic needs of: 1. Deploying architecture independent images 2. Fullfil basic security settings (non-root, unprivileged,
After part 3 of this blog series we have a fully working Kubernetes cluster. Load-Balancer It has one major drawback: All exposed ports of running pods/services are only reachable under the specific worker node IP address. In a real cluster a load-balancer would handle all incoming traffic and route
There is a small point in the Release Notes of Kubernetes 1.20 [https://kubernetes.io/docs/setup/release/notes/#v1-20-0] which could break a cluster that using Metallb and/or NFS client provisioner. A feature called selfLink [https://github.com/kubernetes/kubernetes/pull/94397] (which is deprecated since 1.
The following steps have to be done on all Raspberry Pi's in the cluster! Prepare Docker installation Enable the linux kernel control groups (cgroups) for Docker and Kubernetes. These cgroups [https://en.wikipedia.org/wiki/Cgroups]are responsible for isolation and limiting of resources like CPU and memory. Therefor it's